Spam Filters Explained

What do they do? How do they work? Which one is right for me? By Alan Hearnshaw

Spam is a very real problem that many people have to deal with on a daily basis. For those that have decided to do something about it and start to investigate the options available in spam filtering, this article provides a brief introduction to your options and the types of spam filters available.

Despite the bewildering array of spam filters available today, all claiming to the best one "of its kind" there are really just five filtering methodologies in general use today and all products rely on one, or a combination of these:

Content-Based Filters

"In the beginning, there were content-based filters."

These filters scan the contents of the and look for tell-tale signs that the message is spam. In the early days of spamming it was quite simple to look out for "Kill Words" such as "Lose Weight" and mark a message as spam if it was found.

Very soon though, spammers got wise to this and started resorting to all kinds of tricks to get their message past the filters. The days of "obfuscation" had begun. We started getting messages containing the phrase "L0se Welght" (Notice the zero for "o" and "l" for "i") and even more bizarre ? and sometimes quite ingenious ? variations.

This rendered basic content-based filters somewhat ineffective, although there are one or two on the market now that are clever enough to "see through" theses attempts and still provide good results.

Bayesian Based Filters

"The Reverend Bayes comes to the rescue"

Born in London 1702, the son of a minister, Thomas Bayes developed a formula which allowed him to determine the probability of an event occurring based on the probabilities of two or more independent evidentiary events.

Bayesian filters "learn" from studying known good and bad messages. Each message is split into single "word bytes", or tokens and these tokens are placed into a database along with how often they are found in each kind of message.

When a new message arrives to be tested by the filter, the new message is also split into tokens and each token is looked up in the database. Extrapolating results from the database and applying a form of the good reverend's formula, know as the a "Naive Bayesian" formula, the message is given a "spamicity" rating and can be dealt with accordingly.

Bayesian filters typically are capable of achieving very good accuracy rates (>97% is not uncommon), and require very little on-going maintenance.

Whitelist/Blacklist Filters

"Who goes there, friend or foe?"

This very basic form of filtering is seldom used on its own nowadays, but can be useful as part of a larger filtering strategy.

A "whitelist" is nothing more than a list of e-mail addresses from which you wish to accept communications. A whitelist filter would only accept messages from these people and all others would be rejected

A "blacklist", conversely, is a list of e-mail addresses - and sometimes IP Addresses (computer identification addresses) - from which communications will not be accepted.

While this may seem like a good idea from the outset, a whitelist methodology is too restrictive for most people and, as virtually all spam e-mails carry a forged "from" address, there is little point in collecting this address to ban it in future as it is very unlikely to be the same next time.

There are bodies on the internet that maintain a list of known "bad" sources of e-mail. Many filters today have the ability to query these servers to see if the message they are looking at comes from a source identified by this Internet-based blacklist, or RBL. While being quite effective, they do tend to suffer from "false positives" where good messages are incorrectly identified as spam. This happens often with newsletters.

Challenge/Response Filters

"Open sesame!"

Challenge/Response filters are characterised by their ability to automatically send a response to a previously unknown sender asking them to take some further action before their message will be delivered. This is often referred to as a "Turing Test" - named after a test devised by British mathematician Alan Turing to determine if machines could "think".

Recent years have seen the appearance of some internet services which automatically perform this Challenge/Response function for the user and require the sender of an e-mail to visit their web site to facilitate the receipt of their message.

Critics of this system claim it to be too drastic a measure and that it sends a message that "my time is more important than yours" to the people trying to communicate with you.

For some low traffic e-mail users though, this system alone may be a perfectly acceptable method of completely eliminating spam from their inbox - one step above the "Whitelist" system outlined above.

Community Filters

"A united front"

These types of filters work on the principal of "communal knowledge" of spam. When a user receives a spam message, they simply mark it as such in their filter. This information is sent to a central server where a "fingerprint" of the message is stored.

After enough people have "voted" this message to be spam, then it is stopped from reaching all the other people in the community.

This type of filtering can prove to be quite effective, although it stands to reason that it can never be 100% effective as a few people have to receive the spam for it to be "flagged" in the first place. Just like its similar cousin the Internet black list (RBL), this system also can suffer from "false positives", or messages incorrectly identified as spam.

Hopefully you are now armed with a little more information to be able to make an informed decision on the best spam filter for you.

For further information, consider reading the reviews and articles found at http://www.whichspamfilter.com

Alan Hearnshaw is a computer programmer and the owner of http://www.whichspamfilter.com, a web site which conducts weekly in-depth reviews of current spam filters, provides help and guidance in the fight against spam and provides a useful community forum. alan@whichspamfilter.com

In The News:

pen paper and inkwell


cat break through


Three Faces of SPAM

Like everybody who will ever read this, I get spam... Read More

How You Can Avoid The New Dangers Of Spam

Until recently, spam has been an annoyance, a definite load... Read More

Junk Mail Works!

Junk mail works. Why does it work? How does it... Read More

How To Stop Unwanted Email Spam

You can stop unwanted email spam, you can choose to... Read More

Of Spam and Sandboxes

About a month ago I had the privilege of giving... Read More

Is Your Website Blacklisted?

A blacklist, as the name implies, is a list of... Read More

How to Write a Privacy Policy

A Privacy Policy can be defined as the policy under... Read More

Is Spam Affecting Your Business Email?

5 Ways Spam Is Affecting Your Business And what we... Read More

Sick Of Wading Through Spam?

It's a nightmare isn't it? You fire up your email... Read More

Pst... Pass It On... I Found Out Its a Hoax

When you receive an email telling you about a virus,... Read More

Im Guilty Until Proven Innocent

No doubt about it."Spam" (unsolicited commercial email) threatens to paralyze... Read More

Invasion of the Email Snatchers

They're sneaky. And stealthy. They're quiet and mostly unobtrusive, but... Read More

Quickly Eliminate 100% of Your Junk Email

Why do so many people think I need to take... Read More

How Can I Stop Getting Spam?

Are you getting too much spam? We all are, but... Read More

Avoiding the Spam Trap: Get Your Message Delivered!

Your message is not being delivered.If you send emails to... Read More

I Love Spam!

What's the big deal? All you read on the internet... Read More

Spammer Stole My Email Address?

Do you get bounced, or rejected emails sent by someone... Read More

Which Spam Filter Is Best For You?

With the number of spam filtering solutions increasing each week... Read More

Where Did The Word Spam Come From?

We've all become familiar with the term spam. It's become... Read More

Block Spam with An Easy Behavioral Change

E-mails now have a connection back to their servers. I... Read More

Spam Filters Explained

What do they do? How do they work? Which one... Read More

What Exactly is Spam?

Spam, as defined in the context of computers, the Internet... Read More

Dont Give the Spammers Your Address From Your Page

Spammers get email addresses from web pages using programs called... Read More

CAN-SPAM Basics

I. BACKGROUNDThe CAN-SPAM Act of 2003 (Controlling the Assault of... Read More

How Spammers Fool Rule-based and Signature-Based Spam Filters

Effectively stopping spam over the long-term requires much more than... Read More

Wiki Reek-y Havoc

The Vandals are coming! And this time they're after your... Read More

Dealing With SPAM - An E-mail Address Strategy

With SPAM being such a problem it might seem the... Read More

5 Zero-Cost Spam Prevention Tools For All Situations!

Anyone who uses email knows what Spam is!It's annoying and... Read More

What To Do When You Get Spam

When you go to your mailbox and find pieces of... Read More

FTC Botches Fight on SPAM, Microsoft Takes Over the Battle

While the Federal Trade Commission is busy fighting over definitions... Read More

Email Spam and Phishing

It seems like the volume of email spam has doubled... Read More

How To Stop Spam (Especially If You?re Already a Victim)

Spam. Those annoying, time-consuming emails that clog your Inbox and... Read More

Ignoring These Tips Could Result in an Inbox Full of Spam

Although there still seem to be some differences among the... Read More